Information Technology Auditing 4th Edition James A Hall Test Bank 4 PDF Free
https://tbzuiqe.com/product/information-technology-auditing-4th-edition-james-a-hall-test-bank/
Sample Test
Chapter 3—Security Part I: Auditing Operating Systems and Networks
TRUE/FALSE
ANS: F PTS: 1
ANS: F PTS: 1
ANS: T PTS: 1
ANS: T PTS: 1
ANS: F PTS: 1
7. Operating system controls are of interest to system professionals but should not concern accountants and auditors.
ANS: F PTS: 1
ANS: T PTS: 1
ANS: T PTS: 1
ANS: T PTS: 1
ANS: T PTS: 1
ANS: T PTS: 1
ANS: F PTS: 1
ANS: T PTS: 1
ANS: T PTS: 1
ANS: T PTS: 1
ANS: F PTS: 1
ANS: T PTS: 1
ANS: T PTS: 1
20. IP spoofing is a form of masquerading to gain unauthorized access to a Web server.
ANS: T PTS: 1
ANS: T PTS: 1
ANS: T PTS: 1
ANS: T PTS: 1
ANS: F PTS: 1
ANS: F PTS: 1
ANS: T PTS: 1
ANS: T PTS: 1
ANS: F PTS: 1
ANS: F PTS: 1
ANS: T PTS: 1
ANS: T PTS: 1
ANS: F PTS: 1
ANS: T PTS: 1
ANS: F PTS: 1
MULTIPLE CHOICE
ANS: C PTS: 1
ANS: B PTS: 1
a. Trojan horse
b. worm
c. logic bomb
ANS: B PTS: 1
a. logic bomb
b. Trojan horse
c. worm
d. back door
ANS: D PTS: 1
ANS: D PTS: 1
6. Hackers can disguise their message packets to look as if they came from an authorized user and gain access to the host’s network using a technique called
a. spoofing.
b. spooling.
c. dual-homed.
d. screening.
ANS: A PTS: 1
ANS: B PTS: 1
8. Which control will not reduce the likelihood of data loss due to a line error?
a. echo check
b. encryption
ANS: B PTS: 1
a. echo check
b. parity bit
d. message sequencing
ANS: C PTS: 1
d. request-response technique
ANS: A PTS: 1
ANS: D PTS: 1
ANS: B PTS: 1
ANS: D PTS: 1
ANS: D PTS: 1
ANS: C PTS: 1
b. the policy that all software upgrades are checked for viruses before
d. the policy that permits users to take files home to work on them
ANS: D PTS: 1
d. access the vendor’s open purchase order file with read-only authori
ANS: C PTS: 1
ANS: B PTS: 1
a. firewalls
b. one-time passwords
c. field interrogation
d. data encryption
ANS: C PTS: 1
c. parity checks
d. data encryption
ANS: C PTS: 1
b. access controls
ANS: D PTS: 1
ANS: B PTS: 1
ANS: A PTS: 1
a. LAN
b. decentralized network
c. multidrop network
d. Intranet
ANS: D PTS: 1
ANS: D PTS: 1
a. file server
c. multiplexer
d. bridge
ANS: B PTS: 1
combines the messages of multiple users into one packet for transm
a. is disassembled into the individual messages and distributed to the
ANS: C PTS: 1
c. is an Internet facility that links user sites locally and around the w
ANS: B PTS: 1
a. URL masquerading
d. a smurf attack
ANS: D PTS: 1
d. the functions of the central site are taken over by a designated wor
ANS: B PTS: 1
31. Which of the following statements is correct? The client-server model
ANS: B PTS: 1
d. when the central database does not have to be concurrent with the
ANS: A PTS: 1
ANS: C PTS: 1
d. turns the target victim’s computers into zombies that are unable to
ANS: A PTS: 1
36. FTP
ANS: D PTS: 1
37. IP spoofing
ANS: B PTS: 1
38. HTML
ANS: A PTS: 1
ANS: C PTS: 1
40. An IP Address:
b. is the unique address that every computer node and host attached
ANS: B PTS: 1
b. derived from the digest of a document that has been encrypted with
ANS: B PTS: 1
42. HTTP
ANS: B PTS: 1
ANS: C PTS: 1
SHORT ANSWER
1. What is a virus?
ANS:
A virus is a program that attaches itself to another legitimate
program in order to penetrate the operating system.
PTS: 1
ANS:
call-back devices, data encryption, message sequence
numbering, message authentication codes, message
transaction logs, and request-response technique
PTS: 1
ANS:
users failing to remember passwords; failure to change
passwords frequently; displaying passwords where others can
see them; using simple, easy-to-guess passwords
PTS: 1
ANS:
The one-time password was designed to overcome the
problems associated with reusable passwords.
The user’s password changes continuously.
This technology employs a credit card-sized smart card that
contains a microprocessor programmed with an algorithm that
generates, and electronically displays, a new and unique
password every 60 seconds.
The card works in conjunction with special authentication
software located on a mainframe or network server computer.
Each user’s card is synchronized to the authentication
software, so that at any point in time both the smart card and
the network software are generating the same password for
the same user.
PTS: 1
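The time-synchronized one-time password described in the answer above, as an added example that is not part of the test bank: a card and a server share a secret and a clock, each derives the same password for the current 60-second window, and the server additionally tolerates one window of clock drift. The HMAC-based derivation, the shared secret value and the function names are assumptions made for this illustration.

```python
import hashlib
import hmac
import struct

# Constructed sample secret for this example only; a real token is provisioned per user.
SHARED_SECRET = b"example-token-seed-0001"
WINDOW_SECONDS = 60  # the card shows a new password every 60 seconds


def time_window(now: float) -> int:
    """Number of 60-second windows since the Unix epoch: the value both sides agree on."""
    return int(now) // WINDOW_SECONDS


def otp_for_window(secret: bytes, window: int, digits: int = 6) -> str:
    """Derive the password for one window (hypothetical HMAC-SHA256 scheme)."""
    mac = hmac.new(secret, struct.pack(">Q", window), hashlib.sha256).digest()
    code = int.from_bytes(mac[:4], "big") % (10 ** digits)
    return str(code).zfill(digits)


def card_display(secret: bytes, now: float) -> str:
    """What the user's card displays at time `now`."""
    return otp_for_window(secret, time_window(now))


def server_verify(secret: bytes, submitted: str, now: float, drift_windows: int = 1) -> bool:
    """Server-side check: accept the current window plus/minus `drift_windows` for clock skew.

    A password from an older window is rejected, which is what makes it one-time.
    """
    current = time_window(now)
    for window in range(current - drift_windows, current + drift_windows + 1):
        # Constant-time comparison so the check does not leak matching digits.
        if hmac.compare_digest(otp_for_window(secret, window), submitted):
            return True
    return False
```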
ANS:
Event monitoring summarizes key activities related to system
resources. Event logs typically record the IDs of all users
accessing the system; the time and duration of a user’s
session; programs that were executed during a session; and
the files, databases, printers, and other resources accessed.
PTS: 1
ANS:
When testing EDI controls, the auditor’s primary concerns are
related to ascertaining that EDI transactions are authorized,
validated, and in compliance with organization policy, that no
unauthorized organizations gain access to records, that
authorized trading partners have access only to approved data,
and that adequate controls are in place to maintain a complete
audit trail.
PTS: 1
ANS:
Intrusion Prevention Systems (IPS) that employ deep packet
inspection (DPI) are a countermeasure to DDoS attacks.
PTS: 1
ANS:
DPI is a technique that searches individual network packets
for protocol non-compliance and can identify and classify
malicious packets based on a database of known attack
signatures.
PTS: 1
ANS:
The targeted organization can program its firewall to ignore
all communication from the attacking site, once the attacker's
IP address is determined.
PTS: 1
ANS:
Two things can be done:
First, Internet hosts can program their firewalls to block
outbound message packets that contain invalid internal IP
addresses.
Second, security software can scan for half-open connections
that have not been followed by an ACK packet. The clogged
ports can then be restored to allow legitimate connections to
use them.
PTS: 1
ANS:
To encode a message, the sender provides the encryption
algorithm with the key, which produces the ciphertext
message. This is transmitted to the receiver’s location, where
it is decoded using the same key to produce a cleartext
message. Because the same key is used for coding and
decoding, control over the key becomes an important security
issue. The more individuals that need to exchange encrypted
data, the greater the chance that the key will become known
to an intruder who could intercept a message and read it,
change it, delay it, or destroy it.
PTS: 1
ANS:
This approach uses two different keys: one for encoding
messages and the other for decoding them. The recipient has a
private key used for decoding that is kept secret. The
encoding key is public and published for everyone to use.
Receivers never need to share private keys with senders,
which reduces the likelihood that they fall into the hands of an
intruder. One of the most trusted public key encryption
methods is Rivest-Shamir-Adleman (RSA). This method is,
however, computationally intensive and much slower than
private key encryption.
PTS: 1
ESSAY
ANS:
An operating system is a computer’s control program. It
controls user sharing of applications and resources such as
processors, memory, databases, and peripherals such as
printers. Common PC operating systems include Windows
2000, Windows NT, and Linux.
An operating system carries out three primary functions:
translating high level languages into machine language using
modules called compilers and interpreters; allocating
computer resources to users, workgroups, and applications;
and managing job scheduling and multiprogramming.
Operating systems have five basic control objectives:
PTS: 1
ANS:
Audit trails support system security objectives in three ways.
By detecting unauthorized access to the system, the audit
trail protects the system from outsiders trying to breach
system controls. By monitoring system performance, changes
in the system may be detected. The audit trail can also
contribute to reconstructing events such as system failures,
security breaches, and processing errors. In addition, the
ability to monitor user activity can support increased personal
accountability.
PTS: 1
ANS:
PTS: 1
ANS:
Browsing involves searching through areas of main memory for
password information.
Masquerading is a technique where a user is made to believe
that he/she has accessed the operating system and therefore
enters passwords, etc., that can later be used for unauthorized
access.
A virus is a program that attaches itself to legitimate software
to penetrate the operating system. Most are destructive.
A worm is software that replicates itself in memory.
A logic bomb is a destructive program triggered by some
“logical” condition–a matching date, e.g., Michelangelo’s
birthday.
PTS: 1
ANS:
When the user logs on, he or she is presented with a dialog box
requesting the user’s ID and password. The system compares
the ID and password to a database of valid users. If the system
finds a match, then the log-on attempt is authenticated. If,
however, the password or ID is entered incorrectly, the log-on
attempt fails and a message is returned to the user. The
message should not reveal whether the password or the ID
caused the failure. The system should allow the user to
reenter the log-on information. After a specified number of
attempts (usually no more than five), the system should lock
out the user from the system.
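The log-on procedure described in the answer above, as an added example that is not part of the test bank: the ID and password are checked against a user store, a failure returns one generic message that does not say whether the ID or the password was wrong, and the account is locked after five failed attempts. The salted PBKDF2 password storage, the class and function names, and the dummy-hash step for unknown IDs are assumptions made for this illustration.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

MAX_ATTEMPTS = 5  # lockout threshold from the passage ("usually no more than five")
GENERIC_FAILURE = "Invalid user ID or password."  # never reveals which one failed
DUMMY_SALT = os.urandom(16)  # used so unknown IDs cost the same time as known ones


def hash_password(password: str, salt: bytes) -> bytes:
    """Salted, iterated hash so the stored value cannot be reversed to the password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)


@dataclass
class UserRecord:
    salt: bytes
    pw_hash: bytes
    failed_attempts: int = 0
    locked: bool = False


class LogonService:
    def __init__(self) -> None:
        self.users: dict[str, UserRecord] = {}

    def add_user(self, user_id: str, password: str) -> None:
        salt = os.urandom(16)
        self.users[user_id] = UserRecord(salt, hash_password(password, salt))

    def logon(self, user_id: str, password: str) -> tuple[bool, str]:
        """Return (authenticated, message shown to the user)."""
        record = self.users.get(user_id)
        if record is None:
            hash_password(password, DUMMY_SALT)  # equal work: timing does not reveal valid IDs
            return False, GENERIC_FAILURE
        if record.locked:
            return False, GENERIC_FAILURE  # locked accounts fail the same way as bad passwords
        if hmac.compare_digest(hash_password(password, record.salt), record.pw_hash):
            record.failed_attempts = 0  # successful log-on resets the counter
            return True, "Log-on authenticated."
        record.failed_attempts += 1
        if record.failed_attempts >= MAX_ATTEMPTS:
            record.locked = True  # further attempts are refused until an administrator unlocks
        return False, GENERIC_FAILURE
```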